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Amendment and Response to Final Office Action 



CLAIM AMENDMENTS 

Please amend the claims to be as follows. 

1 . (currently amended) A method of processing a packet sent to a provider network, the 
method comprising: 

receiving the packet via a user port of [[an]] a first edge switch of the network, 
wherein the user port is an input port of the first edge switch; 

determining forwarding and routing by the edge switch based on a user VLAN 
identifier (VID) of a user VLAN tag for the packet; [[and]] 

creating a tunnel between the user port of the first edge switch arid a user port of a 
second edge switch using double VLAN tagging by inserting a provider 
VLAN tag, including a provider VID, into the packet at a provider port of the 
edge switch prior to transmission of the packet via the provider port, wherein 
the provider port is an output port of the edge switch : and 

providing a service level in relation to traffic flowing through said tunnel which 

provides a security action of dropping the packet or forwarding the packet to 
management software . 

2. (original) The method of claim 1, further comprising: 

forwarding and routing the packet by a middle switch based on the provider VLAN 
tag. 

3. (original) The method of claim 1, wherein the packet received includes a user VLAN tag, 
and wherein the user VID is derived from the user VLAN tag. 

4. (original) The method of claim 1, wherein the packet received does not include a user 
VLAN tag, and wherein the user VID is assigned to be a port VID associated with the 
user port. 
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5. (original) The method of claim 1, wherein the provider VID comprises a VID of a 
destination VLAN. 

6. (original) The method of claim 1, wherein the provider VID comprises a port VID 
associated with the input port. 

7. (currently amended) The method of claim 1, wherein the first edge switch determines a 
class of service (COS) for the packet based on the user VLAN tag. 

8. (currently amended) The method of claim 1, wherein the first edge switch determines 
[[a]] the security action for the packet based on the user VLAN tag. 

9. (currently amended) The method of claim 1, further comprising: 

receiving the packet by a provider port of [[a]] the second edge switch of the network; 
and 

stripping the provider VLAN tag from the packet. 

10. (original) The method of claim 9, wherein the packet is routed to more than one middle 
switch before arriving at the second edge switch. 

1 1 . (currently amended) A switch apparatus for processing a packet sent to a provider 
network, the apparatus comprising: 

a user port for receiving the packet, the user port being an input port of the switch 
apparatus; 

forwarding logic for determining forwarding and routing based on a user VLAN 
identifier (VID) of a user VLAN tag for the packet; and 

a provider port that inserts a provider VLAN tag, including a provider VID, into the 
packet prior to transmission of the packet such that the transmitted packet has 
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at least two VLAN tags, the provider port being an output port of the switch 
apparatus , such that a tunnel is created between the user port of the switch 
a pparatus and a user port of a different switch apparatus, wherein a service 
level is provided in relation to traffic flowing through said tunnel which 
provides a security action of dropping the packet or forwarding the packet to 
management software . 

12. (currently amended) A system for processing packets sent to a provider network, the 
system comprising: 

a first switch configured to receive a packet via a user port, to determine routing and 
forwarding for the packet based on a user VID of a user VLAN tag, and to 
insert a provider VLAN tag into the packet at a provider port prior to 
transmission of the packet such that the transmitted packet has at least two 
VLAN tags therein; and 

a second switch configured to receive the packet having at least two VLAN tags via a 
provider port, to strip the provider VLAN tag from the packet at the provider 
port, and to determine routing and forwarding for the packet based on the user 
VID for the user VLAN tag* 

wherein a tunnel is created between the user port of the first switch and a user port of 
the second switch, and 

wherein a service level is provided in relation to traffic flowing through said tunnel 
which provides a security action of dropping the packet or forwarding the 
packet to management software . 

13. (original) The system of claim 12, further comprising at least one middle switch 
communicatively coupled between the first and second switches. 

14. (original) The system of claim 12, further comprising utilization of a class of service 
(COS) for routing and forwarding of the packet that is based on the user VID. 
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15. (currently amended) The system of claim 12, further comprising determining [[a]] the 
security action for the packet based on the user tag. 

16. (currently amended) A method of routing and forwarding a packet using double Q 
tagging bv inserting a provider VLAN tag in addition to a user VLAN tag to create a 
tunnel between a user port of a first switch and a user port of a second switch, wherein a 
user-expected service level is provided in relation to traffic flowing through the tunnel 
which provides a security action of dropping the packet or forwarding the packet to 
management software . 

17. (canceled) 

18. (canceled) 

19. (currently amended) An apparatus for processing a packet sent to a provider network, 
the apparatus comprising: 

means for receiving the packet via a user port of an edge switch of the network, the 
user port being an ingress port for the edge switch; 

means for determining forwarding and routing by the edge switch based on a user 
VLAN identifier (VID) of a user VLAN tag for the packet; and 

means for inserting a provider VLAN tag, including a provider VID, into the packet at 
a provider port of the edge switch prior to transmission of the packet via the 
provider port, the provider port being an egress port of the edge switch , such 
that a tunnel is created between the user port of the edge switch and a user port 
of a different edge switch, wherein a service level is provided in relation to 
traffic flowing through said tunnel which provides a security action of 
dro pping the packet or forwarding the packet to management software . 
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